Most IT Pros Ill-Prepared to Deal With Breaches
By Maggie O'Neill | Posted 12-17-2014
On the heels of security breaches at Neiman Marcus, Target and Home Depot, more and more IT leaders are expressing concern about the occurrence of a security breach in their place of business. In fact, a recent survey from EiQ Networks, a provider of security intelligence, risk and compliance solutions, shows that nearly 90 percent of IT security professionals (including network and systems engineers, senior management, security managers and directors), across numerous industries, are "concerned" or "highly concerned" about a data breach occurrence in 2015.
This partially stems from anxiety caused by the many reports of recent high-profile cases. However, it's also due to cyber-security realities that organizations of all sizes face.
"If you look at the last two years of breach research, it is pretty clear that breaches are occurring across the spectrum," says Vijay Basani, CEO of EiQ Networks. "It's not necessarily just a reaction; it's also a reality on the ground."
In the survey, just 15 percent of IT professionals report that they feel well-prepared to deal with a security breach, and only 21 percent are confident that their technologies can mitigate risk.
"Just implementing technologies doesn't solve cyber-security problems," says Basani, who explains that people, processes and technology are all part of the solution. Having senior management on board is also crucial. Often, senior executives may feel that as long as their company is in compliance, their risk of prosecution in the case of a security breach is minimal.
That perception is likely to change over time, with the Target breach acting as a watershed case, according to Basani. Although no one has been prosecuted, executives were fired and the board came under close scrutiny, he points out. A number of states' district attorneys also requested additional information about the breach.
Loss of consumer confidence may be the end result of these types of security breaches, he adds. Providing a customer with a 12-month paid monitoring service does little to address the real concerns of people who have had their private information, such as a social security number, hacked and illegally obtained.
Many consumers feel that businesses can no longer be trusted to provide the security they need, he says. As a result, technologies such as Apple Pay and Google Wallet may grow in popularity.
Basani lists another factor in the rising concern about cyber-attacks: While large companies may have the funding, resources, essential technologies and dedicated security team to build a large security program, small and midsize companies may lack the expertise, dedicated staff and subject knowledge to provide continuous monitoring. Some businesses may falsely believe that having a firewall is enough to keep them protected.
Survey results show that a full 60 percent of IT pros report having only a partial process in place to provide a cyber-defense, and 11 percent say they have no process at all. Another 31 percent report having a solid process, and 15 percent think they are well-prepared in the case of a cyber-attack.
To provide cyber-security protection, 81 percent of the survey respondents report using a traditional firewall, while 66 percent use anti-virus software, 60 percent use intrusion detection systems/intrusion prevention systems (IDS/IPS), 60 percent utilize log management, and 44 percent turn to security information and event management (SIEM). Due to cost savings, performance gains and technology advantages, however, 85 percent of respondents indicate they plan to turn to managed services solutions to replace their current SIEM.
"Historically, SIEM solutions have done well in the market over the past 10 years, predominantly driven by compliance," Basani says. "They provide a checkbox for the auditor to show they have a solution in place."
But SIEM solutions are often complex for businesses to manage, requiring a dedicated staff and continuous fine-tuning to derive value. Many companies simply lack the ability to do this.
"If you go outside the Fortune 500 companies to enterprise and midmarket companies, you don't have around-the-clock security operations monitoring the environment," Basani says.